[plug] PAM/LDAP
Padraig MacIain
draoidh at iinet.net.au
Tue May 16 15:06:30 WST 2006
On Tue, May 16, 2006 at 03:01:05PM +0800, Padraig MacIain wrote:
> On Tue, May 16, 2006 at 12:46:07PM +0800, Patrick Coleman wrote:
> > Hi,
> > I've been setting up LDAP recently across some servers of mine. Both
> > are debian stable.
> >
> > to a subset of users, specifically everyone in 'wheel'.
> >
> > There are various options in /etc/pam_ldap.conf that look like they do
> > exactly what I want - pam_filter, pam_check_host_attr and pam_groupdn
> > - but none of these appears to do anything. I'm thinking that perhaps
> > it may be something to do with my /etc/pam.d config.
> >
> > Has anyone done a similar sort of setup? I might also try the openldap
> > mailing lists, and I'll post here if I get any solutions.
> >
>
> You might want to use a pam_filter line in your pam_ldap.conf file
>
> something like
>
> pam_filter (groupSpecial=wheel)
>
> or something equally as far as an LDAP schema goes. This'll make pam_ldap
> only accept once the filter is passed (as well as really authenticating)
>
whoops :/ you already tried that - misread the original email.
Padraig // www.nimheil.org
More information about the plug
mailing list